One of the major concerns today may be web application security attacks that mostly target the client-side of web applications. The security attacks may target the web-browser and the web application code that runs on the client-side. The attacks may include for example, man-in-the-browser (MITB) problem where a trojan/malware may have been installed insidiously on a victim's computer/browser and may maliciously tamper with a web application code and/or data to steal credentials, commit fraud, steal data, or cause harm to the person and/or the web application owner and/or its users. Other types of web application security attacks that may impact the client-side of the web application code include code injection attacks (reflected cross-site scripting attacks, document object model (DOM)-based cross-site scripting attacks or cross-site request forgery), data theft or data leakage attacks.
Some of the above mentioned security threats can be counteracted by using a number of different security solutions such as anti-virus, anti-malware, fraud-screening solutions, etc., running on one or more of a server or client and/or optionally, running one or more vulnerability scanning solutions to find and fix security vulnerabilities. However, these may be isolated measures prone to failure of detection and mitigation of the aforementioned attacks and require cooperation of an end user which may not work.
Thus, there is a need for a solution that ensures the security of web applications.